[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f22yIv6U-OD50KHHUzPuesI4qrGpucHzOAgBWGLHy3Jw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":34,"analysis":126,"fingerprints":151},"wp-remove-authors-sitemap-from-yoast-seo","WP Remove Authors Sitemap from Yoast SEO","1.1","WP Academic","https:\u002F\u002Fprofiles.wordpress.org\u002Feastsidecode\u002F","\u003Cp>This WordPress Plugin removes authors from the Yoast SEO Sitemap.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No setup required!\u003C\u002Fli>\n\u003C\u002Ful>\n","License: GPLv2 or later WordPress plugin to remove authors from the Yoast SEO Sitemap",0,1039,"2019-07-12T15:48:00.000Z","5.2.24","4.3","",[18,19],"http-headers","security","https:\u002F\u002Feastsidecode.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-remove-authors-sitemap-from-yoast-seo.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"eastsidecode",18,1440,86,30,84,"2026-04-04T12:28:53.449Z",[35,59,69,87,108],{"slug":18,"name":36,"version":37,"author":38,"author_profile":39,"description":40,"short_description":41,"active_installs":42,"downloaded":43,"rating":30,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":57,"unpatched_count":11,"last_vuln_date":58,"fetched_at":24},"HTTP Headers","1.19.2","Dimitar Ivanov","https:\u002F\u002Fprofiles.wordpress.org\u002Fzinoui\u002F","\u003Cp>HTTP Headers gives your control over the http headers returned by your blog or website.\u003C\u002Fp>\n\u003Cp>Headers supported by HTTP Headers includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Access-Control-Allow-Origin\u003C\u002Fli>\n\u003Cli>Access-Control-Allow-Credentials\u003C\u002Fli>\n\u003Cli>Access-Control-Max-Age\u003C\u002Fli>\n\u003Cli>Access-Control-Allow-Methods\u003C\u002Fli>\n\u003Cli>Access-Control-Allow-Headers\u003C\u002Fli>\n\u003Cli>Access-Control-Expose-Headers\u003C\u002Fli>\n\u003Cli>Age \u003C\u002Fli>\n\u003Cli>Content-Security-Policy\u003C\u002Fli>\n\u003Cli>Content-Security-Policy-Report-Only\u003C\u002Fli>\n\u003Cli>Cache-Control\u003C\u002Fli>\n\u003Cli>Clear-Site-Data\u003C\u002Fli>\n\u003Cli>Connection\u003C\u002Fli>\n\u003Cli>Content-Encoding\u003C\u002Fli>\n\u003Cli>Content-Type\u003C\u002Fli>\n\u003Cli>Cross-Origin-Embedder-Policy\u003C\u002Fli>\n\u003Cli>Cross-Origin-Opener-Policy\u003C\u002Fli>\n\u003Cli>Cross-Origin-Resource-Policy\u003C\u002Fli>\n\u003Cli>Expect-CT\u003C\u002Fli>\n\u003Cli>Expires\u003C\u002Fli>\n\u003Cli>Feature-Policy\u003C\u002Fli>\n\u003Cli>NEL\u003C\u002Fli>\n\u003Cli>Permissions-Policy\u003C\u002Fli>\n\u003Cli>Pragma\u003C\u002Fli>\n\u003Cli>P3P\u003C\u002Fli>\n\u003Cli>Referrer-Policy\u003C\u002Fli>\n\u003Cli>Report-To\u003C\u002Fli>\n\u003Cli>Strict-Transport-Security\u003C\u002Fli>\n\u003Cli>Timing-Allow-Origin\u003C\u002Fli>\n\u003Cli>Vary\u003C\u002Fli>\n\u003Cli>WWW-Authenticate\u003C\u002Fli>\n\u003Cli>X-Content-Type-Options\u003C\u002Fli>\n\u003Cli>X-DNS-Prefetch-Control\u003C\u002Fli>\n\u003Cli>X-Download-Options\u003C\u002Fli>\n\u003Cli>X-Frame-Options\u003C\u002Fli>\n\u003Cli>X-Permitted-Cross-Domain-Policies\u003C\u002Fli>\n\u003Cli>X-Powered-By\u003C\u002Fli>\n\u003Cli>X-Robots-Tag\u003C\u002Fli>\n\u003Cli>X-UA-Compatible\u003C\u002Fli>\n\u003Cli>X-XSS-Protection\u003C\u002Fli>\n\u003C\u002Ful>\n","HTTP Headers adds CORS & security HTTP headers to your website.",50000,715994,70,"2024-12-22T11:49:00.000Z","6.7.5","3.2","5.3",[50,51,52,18,53],"cors-headers","csp-header","custom-headers","security-headers","https:\u002F\u002Fgithub.com\u002Friverside\u002Fhttp-headers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhttp-headers.1.19.2.zip",91,4,"2023-07-13 00:00:00",{"slug":60,"name":61,"version":6,"author":7,"author_profile":8,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":11,"num_ratings":11,"last_updated":66,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":67,"homepage":20,"download_link":68,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"wp-secure-http-headers","WP Secure HTTP Headers","\u003Cp>This WordPress Plugin add secure headers to you WordPress site.\u003C\u002Fp>\n\u003Cp>The Following Headers are included:\u003Cbr \u002F>\n– Strict-Transport-Security: Enforces SSL if your website is using SSL (which it should be)\u003Cbr \u002F>\n– X-Frame-Options: Prevents Clickjacking\u003Cbr \u002F>\n– X-XSS-Protection: Prevents XSS attacks\u003Cbr \u002F>\n– X-Content-Type-Options: set to ‘nosniff to prevent MIME-type sniffing\u003Cbr \u002F>\n– Referrer-Policy: set to ‘no-referrer-when-downgrade’\u003C\u002Fp>\n\u003Cul>\n\u003Cli>No setup required!\u003C\u002Fli>\n\u003C\u002Ful>\n","License: GPLv2 or later WordPress plugin to add secure headers to your website.",40,1195,"2019-06-17T12:37:00.000Z",[18,19],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-secure-http-headers.zip",{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":31,"downloaded":77,"rating":11,"num_ratings":11,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":16,"tags":81,"homepage":85,"download_link":86,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"eazy-http-headers","Eazy HTTP Headers","1.1.0","Rob Scott","https:\u002F\u002Fprofiles.wordpress.org\u002Fr0bsc0tt\u002F","\u003Cp>Eazy HTTP Headers provides three check boxes for settings on the general settings page.\u003Cbr \u002F>\nTwo of the check boxes, activate two functions built into WordPress, send_frame_options_header() & send_nosniff_header(), while the other sets a header for X-XSS Protection.\u003Cbr \u002F>\nThis allows you to control your sites HTTP Headers for X-Frame-Options & X-Content-Type-Options using functions built into WordPress functions.\u003C\u002Fp>\n","Provides settings to activate three HTTP header settings for X-Frame-Options, X-XSS Protection & X-Content-Type-Options.",2100,"2018-01-02T20:12:00.000Z","4..9.1","4.5",[18,82,19,83,84],"nosniff","x-content","x-frame","http:\u002F\u002Frobjscott.com\u002Fwordpress\u002Fplugins\u002Feazy-http-headers","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feazy-http-headers.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":106,"download_link":107,"security_score":22,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":24},"sea-sp-community-edition","SeaSP Community Edition","1.8.3","bluetriangle","https:\u002F\u002Fprofiles.wordpress.org\u002Fbluetriangle\u002F","\u003Cp>SeaSP Community Edition is an automated \u003Cstrong>Content Security Policy Manager\u003C\u002Fstrong>. SeaSP allows you to create, configure, manage, and deploy a Content Security Policy for your site.\u003C\u002Fp>\n\u003Cp>The WordPress SeaSP Community Edition plugin catalogs the domains that appear on your site. Categorize and filter out unwanted domains. Add a layer of WordPress security site from Magecart and other cross-site scripting attacks to keep your WordPress site safe.\u003C\u002Fp>\n\u003Cp>SeaSP installs a strict non-blocking CSP to collect violation data and provide a violation report. Violation data flows into the WordPress database as a PHP option within the plugin options schema. Violations can be approved by domains and categorized by directives (CSS, fonts, images, JS, etc.). You can also approve base domains and subdomains. The SeaSP UI helps users by explaining what each directive does, and how to use them to create a CSP.\u003C\u002Fp>\n\u003Cp>After configuring the domain and directive settings switch the CSP to blocking mode. Once the CSP goes into blocking mode, the site’s protected from any unrecognized code. SeaSP Community Edition helps secure your site.\u003C\u002Fp>\n\u003Ch3>Upgrade Notice for 1.4 only\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>When you install this version you will need to rebuild your CSP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Once installed, a strict non-blocking report-only CSP is implemented on your site. Visit each page of your site to collect CSP violations.\u003Cbr \u002F>\nVisit the Current Violations page of the plugin to review domains that have violated a directive in the CSP.\u003Cbr \u002F>\nReview each of the domains carefully and check for misspellings of common domains like adobee.com instead of adobe.com as this is a common way hackers inject content into your site.\u003Cbr \u002F>\nIf you feel confident that the domain belongs on your site and it should be serving the file type stated, click the toggle to approve the domain to include it in the CSP.\u003Cbr \u002F>\nIf you want to allow subdomains of that domain to be able to serve that type of content, click the Manage subdomains button to view the subdomains.\u003Cbr \u002F>\nAfter this process, you might still see CSP violations regarding inline scripts, inline styles, blobs, or data.\u003Cbr \u002F>\nTo allow these this type of content in the community version you must navigate to the Directive Settings page, find the offending directive, then toggle the appropriate option.\u003Cbr \u002F>\nFor convenience, each option has a tooltip explaining what it allows in your CSP.\u003C\u002Fp>\n\u003Ch3>Walk Through\u003C\u002Fh3>\n\u003Cp>A walk through video can be found on YouTube \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FXdJNh6LEKJw\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FXdJNh6LEKJw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.\u003Cbr \u002F>\nThis project has been tested on WordPress up to version 5.8 on both single and multi-site instances.\u003Cbr \u002F>\nThe project can be found on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblue-triangle-tech\u002Fsea-sp-community-edition\" rel=\"nofollow ugc\">github\u003C\u002Fa>.\u003Cbr \u002F>\nThis project is sponsored by \u003Ca href=\"www.bluetriangle.com\" rel=\"nofollow ugc\">Blue Triangle\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Third Party Libraries\u003C\u002Fh3>\n\u003Cp>We use \u003Ca href=\"https:\u002F\u002Fgetbootstrap.com\u002F\" rel=\"nofollow ugc\">Bootstrap\u003C\u002Fa> for the UI of our plugin to make the interface clean and simple.\u003Cbr \u002F>\nBootstraps license can be found \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftwbs\u002Fbootstrap\u002Fblob\u002Fmain\u002FLICENSE\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>We use \u003Ca href=\"https:\u002F\u002Fwww.bootstraptoggle.com\u002F\" rel=\"nofollow ugc\">bootstrap toggle\u003C\u002Fa> because simple check boxes can be confusing and we wanted our CSP mangers UI to feel easy. This code was developed for The New York Times by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fminhur\" rel=\"nofollow ugc\">Min Hur\u003C\u002Fa> and is licensed under \u003Ca href=\"https:\u002F\u002Fopensource.org\u002Flicenses\u002FMIT\" rel=\"nofollow ugc\">MIT\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fchoosealicense.com\u002Flicenses\u002Fgpl-3.0\u002F\" rel=\"nofollow ugc\">GNU\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Opt In usage data collection\u003C\u002Fh3>\n\u003Cp>As of version 1.5 users will be able to opt-in for data collection to help us determine how many people are using our plugin and what features we should be working on in future version. This can be managed in the Usage Data Settings page. We collect and send the following data:\u003Cbr \u002F>\n1. wordpress version\u003Cbr \u002F>\n2. wordpress debug mode\u003Cbr \u002F>\n3. wordpress multisite\u003Cbr \u002F>\n4. the base url that the plugin is on ex; www.bluetriangle.com\u003Cbr \u002F>\nThis data is only accessible to the Blue Triangle organization and will be used to determine our user base and feature planning.\u003C\u002Fp>\n","SeaSP Community Edition is an automated Content Security Policy Manager. SeaSP allows you to create, configure, manage, and deploy a Content Security  …",20,4225,94,3,"2021-07-19T19:09:00.000Z","5.8.13","5.1","7.0",[104,105,18,19],"content-security-policy","csp","https:\u002F\u002Fbluetrianglemarketing.github.io\u002FSeaSP-Community-Edition\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsea-sp-community-edition.1.8.3.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":11,"num_ratings":11,"last_updated":16,"tested_up_to":118,"requires_at_least":119,"requires_php":16,"tags":120,"homepage":122,"download_link":123,"security_score":124,"vuln_count":11,"unpatched_count":11,"last_vuln_date":23,"fetched_at":125},"strict-security-headers","Strict Security Headers","0.1.0","Justin Kopepasah","https:\u002F\u002Fprofiles.wordpress.org\u002Fkopepasah\u002F","\u003Cp>Strict Security Headers is a straightforward and lightweight plugin designed to enhance the security of your WordPress website by implementing modern security headers. Simply activate the plugin, and the headers are automatically added, there’s absolutely no configuration needed!\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Simple and Lightweight:\u003C\u002Fstrong> No configuration needed, just activate the plugin to enhance your website security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security:\u003C\u002Fstrong> Helps in protecting your website against various types of attacks and vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Performance Impact:\u003C\u002Fstrong> Strict Security Headers is developed to have minimal impact on your website’s performance.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cp>For any issues, queries, or enhancements, please refer to the plugin support forum. Regular updates and enhancements will be rolled out to ensure optimum functionality and security of the plugin.\u003C\u002Fp>\n\u003Cp>Please consider sponsoring development to support the continued development and maintenance of this plugin: https:\u002F\u002Fgithub.com\u002Fsponsors\u002Fkopepasah\u003C\u002Fp>\n","Easily enable modern security headers for your website with the Strict Security Headers plugin, with no configuration required.",10,753,"6.3.8","5.5",[121,18,19,53],"headers","https:\u002F\u002Fdualfocus.dev\u002Fproducts\u002Fstrict-security-headers\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstrict-security-headers.0.1.0.zip",100,"2026-03-15T10:48:56.248Z",{"attackSurface":127,"codeSignals":139,"taintFlows":146,"riskAssessment":147,"analyzedAt":150},{"hooks":128,"ajaxHandlers":135,"restRoutes":136,"shortcodes":137,"cronEvents":138,"entryPointCount":11,"unprotectedCount":11},[129],{"type":130,"name":131,"callback":132,"priority":116,"file":133,"line":134},"filter","wpseo_sitemap_exclude_author","closure","index.php",22,[],[],[],[],{"dangerousFunctions":140,"sqlUsage":141,"outputEscaping":143,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":145},[],{"prepared":11,"raw":11,"locations":142},[],{"escaped":11,"rawEcho":11,"locations":144},[],[],[],{"summary":148,"deductions":149},"The \"wp-remove-authors-sitemap-from-yoast-seo\" plugin version 1.1 exhibits an excellent security posture based on the provided static analysis.  The absence of any detected dangerous functions, SQL queries not using prepared statements, file operations, external HTTP requests, nonce checks, or capability checks on entry points is a strong indicator of robust secure coding practices. The taint analysis further supports this by showing zero flows with unsanitized paths across all severity levels.\n\nCompounding these positive findings, the plugin has no recorded vulnerabilities (CVEs) of any severity. This lack of historical issues, coupled with the clean code analysis, suggests a well-maintained and secure plugin. While the plugin's core functionality might be limited, leading to a smaller attack surface, the lack of any exploitable paths or potential vulnerabilities in the analyzed code and its history is highly commendable. The plugin appears to be a safe addition for users needing its specific functionality.",[],"2026-03-17T07:15:35.447Z",{"wat":152,"direct":158},{"assetPaths":153,"generatorPatterns":154,"scriptPaths":155,"versionParams":156},[],[],[],[157],"\u002Fwp-content\u002Fplugins\u002Fwp-remove-authors-sitemap-from-yoast-seo\u002Findex.php?ver=",{"cssClasses":159,"htmlComments":160,"htmlAttributes":161,"restEndpoints":162,"jsGlobals":163,"shortcodeOutput":164},[],[],[],[],[],[]]